Hi,
Update for Pound to 2.6:
- allow multiple AddHeader directives
- fixed memory leak in config/AddHeader
- fixed memory leak in DH
- fixed problem in SNI certificate storage
- changed long to long long for support of requests larger than 2GB
- added parsing for certificate CN
- fixed problem in task enqueing
- fixed small problem in Makefile
And others, while here, GROFF is not needed and patches applied
upstream.
Little test on amd64, more are wellcome :)
Ok? Comments?
Cheers.
--
Sending from my VCR...
Index: Makefile
===================================================================
RCS file: /cvs/ports/www/pound/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- Makefile 26 Jan 2012 08:03:57 -0000 1.10
+++ Makefile 4 Sep 2012 20:14:28 -0000
@@ -2,9 +2,8 @@
COMMENT = HTTP reverse proxy/load balancer/SSL offload
-DISTNAME = Pound-2.5
+DISTNAME = Pound-2.6
PKGNAME = ${DISTNAME:L}
-REVISION = 2
CATEGORIES = www
@@ -29,7 +28,6 @@ CONFIGURE_ARGS += CPPFLAGS="-I${LOCALBAS
--with-owner=root \
--with-group=bin
-USE_GROFF = Yes
NO_REGRESS = Yes
pre-configure:
Index: distinfo
===================================================================
RCS file: /cvs/ports/www/pound/distinfo,v
retrieving revision 1.3
diff -u -p -r1.3 distinfo
--- distinfo 30 Jul 2010 21:22:51 -0000 1.3
+++ distinfo 4 Sep 2012 20:14:28 -0000
@@ -1,5 +1,2 @@
-MD5 (Pound-2.5.tgz) = ijn1kCCUYZr82n0S2dg0LA==
-RMD160 (Pound-2.5.tgz) = b41V7/EbJbCsDatmqskK9TgOJ1M=
-SHA1 (Pound-2.5.tgz) = C8jEW5r7ZPuIELRCEzRcKmfOiow=
-SHA256 (Pound-2.5.tgz) = Ed+ntGljbUOuyANFWJSzCCG6f2ZBwc/UXfUwWdOsTJU=
-SIZE (Pound-2.5.tgz) = 172084
+SHA256 (Pound-2.6.tgz) = CtJeNlLiIRervBenC12JE+BZkTGKVQa8dDfmYmFv3yE=
+SIZE (Pound-2.6.tgz) = 180595
Index: patches/patch-config_c
===================================================================
RCS file: patches/patch-config_c
diff -N patches/patch-config_c
--- patches/patch-config_c 4 Oct 2010 08:47:22 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,42 +0,0 @@
-$OpenBSD: patch-config_c,v 1.1 2010/10/04 08:47:22 sthen Exp $
-
-fix for openssl 1.0
-http://www.apsis.ch/pound/pound_list/archive/2010/2010-02/1266065082000
-
---- config.c.orig Tue Feb 2 11:49:02 2010
-+++ config.c Sun Oct 3 23:27:58 2010
-@@ -431,14 +431,22 @@ t_hash(const TABNODE *e)
- res = (res ^ *k++) * 16777619;
- return res;
- }
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+static IMPLEMENT_LHASH_HASH_FN(t, TABNODE)
-+#else
- static IMPLEMENT_LHASH_HASH_FN(t_hash, const TABNODE *)
-+#endif
-
- static int
- t_cmp(const TABNODE *d1, const TABNODE *d2)
- {
- return strcmp(d1->key, d2->key);
- }
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+static IMPLEMENT_LHASH_COMP_FN(t, TABNODE)
-+#else
- static IMPLEMENT_LHASH_COMP_FN(t_cmp, const TABNODE *)
-+#endif
-
- /*
- * parse a service
-@@ -460,7 +468,11 @@ parse_service(const char *svc_name)
- pthread_mutex_init(&res->mut, NULL);
- if(svc_name)
- strncpy(res->name, svc_name, KEY_SIZE);
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ if((res->sessions = LHM_lh_new(TABNODE, t)) == NULL)
-+#else
- if((res->sessions = lh_new(LHASH_HASH_FN(t_hash), LHASH_COMP_FN(t_cmp)))
== NULL)
-+#endif
- conf_err("lh_new failed - aborted");
- ign_case = ignore_case;
- while(conf_fgets(lin, MAXBUF)) {
Index: patches/patch-pound_8
===================================================================
RCS file: /cvs/ports/www/pound/patches/patch-pound_8,v
retrieving revision 1.2
diff -u -p -r1.2 patch-pound_8
--- patches/patch-pound_8 3 Oct 2010 22:27:53 -0000 1.2
+++ patches/patch-pound_8 4 Sep 2012 20:14:28 -0000
@@ -1,6 +1,6 @@
$OpenBSD: patch-pound_8,v 1.2 2010/10/03 22:27:53 sthen Exp $
---- pound.8.orig Tue Feb 2 11:49:02 2010
-+++ pound.8 Sun Oct 3 23:27:32 2010
+--- pound.8.orig Wed Dec 28 10:57:45 2011
++++ pound.8 Tue Sep 4 17:04:51 2012
@@ -155,7 +155,7 @@ running a quick syntax check before actually activatin
\fB\-f\fR config_file
Location of the configuration file (see below for a full description of the
format).
@@ -10,7 +10,7 @@ $OpenBSD: patch-pound_8,v 1.2 2010/10/03
.TP
\fB\-p\fR pid_file
Location of the pid file.
-@@ -1142,11 +1142,11 @@ this is where
+@@ -1191,11 +1191,11 @@ this is where
.B Pound
will attempt to record its process id.
.TP
Index: patches/patch-pound_h
===================================================================
RCS file: patches/patch-pound_h
diff -N patches/patch-pound_h
--- patches/patch-pound_h 4 Oct 2010 08:47:22 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,30 +0,0 @@
-$OpenBSD: patch-pound_h,v 1.1 2010/10/04 08:47:22 sthen Exp $
-
-fix for openssl 1.0
-http://www.apsis.ch/pound/pound_list/archive/2010/2010-02/1266065082000
-
---- pound.h.orig Tue Feb 2 11:49:02 2010
-+++ pound.h Sun Oct 3 23:27:58 2010
-@@ -322,6 +322,10 @@ typedef struct _tn {
- /* maximal session key size */
- #define KEY_SIZE 127
-
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+DECLARE_LHASH_OF(TABNODE);
-+#endif
-+
- /* service definition */
- typedef struct _service {
- char name[KEY_SIZE + 1]; /* symbolic name */
-@@ -337,7 +341,11 @@ typedef struct _service {
- int sess_ttl; /* session time-to-live */
- regex_t sess_start; /* pattern to identify the session data */
- regex_t sess_pat; /* pattern to match the session data */
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ LHASH_OF(TABNODE) *sessions; /* currently active sessions */
-+#else
- LHASH *sessions; /* currently active sessions */
-+#endif
- int dynscale; /* true if the back-ends should be
dynamically rescaled */
- int disabled; /* true if the service is disabled */
- struct _service *next;
Index: patches/patch-svc_c
===================================================================
RCS file: patches/patch-svc_c
diff -N patches/patch-svc_c
--- patches/patch-svc_c 4 Oct 2010 08:47:22 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,230 +0,0 @@
-$OpenBSD: patch-svc_c,v 1.1 2010/10/04 08:47:22 sthen Exp $
-
-fix for openssl 1.0
-http://www.apsis.ch/pound/pound_list/archive/2010/2010-02/1266065082000
-
---- svc.c.orig Tue Feb 2 11:49:02 2010
-+++ svc.c Sun Oct 3 23:27:58 2010
-@@ -27,12 +27,17 @@
-
- #include "pound.h"
-
-+#ifndef LHASH_OF
-+#define LHASH_OF(x) LHASH
-+#define CHECKED_LHASH_OF(type, h) h
-+#endif
-+
- /*
- * Add a new key/content pair to a hash table
- * the table should be already locked
- */
- static void
--t_add(LHASH *const tab, const char *key, const void *content, const size_t
cont_len)
-+t_add(LHASH_OF(TABNODE) *const tab, const char *key, const void *content,
const size_t cont_len)
- {
- TABNODE *t, *old;
-
-@@ -53,7 +58,11 @@ t_add(LHASH *const tab, const char *key, const void *c
- }
- memcpy(t->content, content, cont_len);
- t->last_acc = time(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ if((old = LHM_lh_insert(TABNODE, tab, t)) != NULL) {
-+#else
- if((old = (TABNODE *)lh_insert(tab, t)) != NULL) {
-+#endif
- free(old->key);
- free(old->content);
- free(old);
-@@ -68,12 +77,16 @@ t_add(LHASH *const tab, const char *key, const void *c
- * side-effect: update the time of last access
- */
- static void *
--t_find(LHASH *const tab, char *const key)
-+t_find(LHASH_OF(TABNODE) *const tab, char *const key)
- {
- TABNODE t, *res;
-
- t.key = key;
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ if((res = LHM_lh_retrieve(TABNODE, tab, &t)) != NULL) {
-+#else
- if((res = (TABNODE *)lh_retrieve(tab, &t)) != NULL) {
-+#endif
- res->last_acc = time(NULL);
- return res->content;
- }
-@@ -84,12 +97,16 @@ t_find(LHASH *const tab, char *const key)
- * Delete a key
- */
- static void
--t_remove(LHASH *const tab, char *const key)
-+t_remove(LHASH_OF(TABNODE) *const tab, char *const key)
- {
- TABNODE t, *res;
-
- t.key = key;
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ if((res = LHM_lh_delete(TABNODE, tab, &t)) != NULL) {
-+#else
- if((res = (TABNODE *)lh_delete(tab, &t)) != NULL) {
-+#endif
- free(res->key);
- free(res->content);
- free(res);
-@@ -98,59 +115,75 @@ t_remove(LHASH *const tab, char *const key)
- }
-
- typedef struct {
-- LHASH *tab;
-+ LHASH_OF(TABNODE) *tab;
- time_t lim;
- void *content;
- int cont_len;
- } ALL_ARG;
-
- static void
--t_old(TABNODE *t, void *arg)
-+t_old_doall_arg(TABNODE *t, ALL_ARG *a)
- {
-- ALL_ARG *a;
--
-- a = (ALL_ARG *)arg;
- if(t->last_acc < a->lim)
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ LHM_lh_delete(TABNODE, a->tab, t);
-+#else
- lh_delete(a->tab, t);
-+#endif
- return;
- }
--IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE *, void *)
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE, ALL_ARG)
-+#else
-+#define t_old t_old_doall_arg
-+IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE *, ALL_ARG *)
-+#endif
-
- /*
- * Expire all old nodes
- */
- static void
--t_expire(LHASH *const tab, const time_t lim)
-+t_expire(LHASH_OF(TABNODE) *const tab, const time_t lim)
- {
- ALL_ARG a;
- int down_load;
-
- a.tab = tab;
- a.lim = lim;
-- down_load = tab->down_load;
-- tab->down_load = 0;
-+ down_load = CHECKED_LHASH_OF(TABNODE, tab)->down_load;
-+ CHECKED_LHASH_OF(TABNODE, tab)->down_load = 0;
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_old), ALL_ARG, &a);
-+#else
- lh_doall_arg(tab, LHASH_DOALL_ARG_FN(t_old), &a);
-- tab->down_load = down_load;
-+#endif
-+ CHECKED_LHASH_OF(TABNODE, tab)->down_load = down_load;
- return;
- }
-
- static void
--t_cont(TABNODE *t, void *arg)
-+t_cont_doall_arg(TABNODE *t, ALL_ARG *a)
- {
-- ALL_ARG *a;
--
-- a = (ALL_ARG *)arg;
- if(memcmp(t->content, a->content, a->cont_len) == 0)
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ LHM_lh_delete(TABNODE, a->tab, t);
-+#else
- lh_delete(a->tab, t);
-+#endif
- return;
- }
--IMPLEMENT_LHASH_DOALL_ARG_FN(t_cont, TABNODE *, void *)
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+IMPLEMENT_LHASH_DOALL_ARG_FN(t_cont, TABNODE, ALL_ARG)
-+#else
-+#define t_cont t_cont_doall_arg
-+IMPLEMENT_LHASH_DOALL_ARG_FN(t_cont, TABNODE *, ALL_ARG *)
-+#endif
-
- /*
- * Remove all nodes with the given content
- */
- static void
--t_clean(LHASH *const tab, void *const content, const size_t cont_len)
-+t_clean(LHASH_OF(TABNODE) *const tab, void *const content, const size_t
cont_len)
- {
- ALL_ARG a;
- int down_load;
-@@ -158,10 +191,14 @@ t_clean(LHASH *const tab, void *const content, const s
- a.tab = tab;
- a.content = content;
- a.cont_len = cont_len;
-- down_load = tab->down_load;
-- tab->down_load = 0;
-+ down_load = CHECKED_LHASH_OF(TABNODE, tab)->down_load;
-+ CHECKED_LHASH_OF(TABNODE, tab)->down_load = 0;
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_cont), ALL_ARG, &a);
-+#else
- lh_doall_arg(tab, LHASH_DOALL_ARG_FN(t_cont), &a);
-- tab->down_load = down_load;
-+#endif
-+ CHECKED_LHASH_OF(TABNODE, tab)->down_load = down_load;
- return;
- }
-
-@@ -1410,13 +1447,11 @@ typedef struct {
- } DUMP_ARG;
-
- static void
--t_dump(TABNODE *t, void *arg)
-+t_dump_doall_arg(TABNODE *t, DUMP_ARG *a)
- {
-- DUMP_ARG *a;
- BACKEND *be, *bep;
- int n_be, sz;
-
-- a = (DUMP_ARG *)arg;
- memcpy(&bep, t->content, sizeof(bep));
- for(n_be = 0, be = a->backends; be; be = be->next, n_be++)
- if(be == bep)
-@@ -1432,19 +1467,28 @@ t_dump(TABNODE *t, void *arg)
- return;
- }
-
--IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE *, void *)
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE, DUMP_ARG)
-+#else
-+#define t_dump t_dump_doall_arg
-+IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE *, DUMP_ARG *)
-+#endif
-
- /*
- * write sessions to the control socket
- */
- static void
--dump_sess(const int control_sock, LHASH *const sess, BACKEND *const backends)
-+dump_sess(const int control_sock, LHASH_OF(TABNODE) *const sess, BACKEND
*const backends)
- {
- DUMP_ARG a;
-
- a.control_sock = control_sock;
- a.backends = backends;
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+ LHM_lh_doall_arg(TABNODE, sess, LHASH_DOALL_ARG_FN(t_dump), DUMP_ARG, &a);
-+#else
- lh_doall_arg(sess, LHASH_DOALL_ARG_FN(t_dump), &a);
-+#endif
- return;
- }
-
